A backdoor is a deliberate configuration
or specific program designed to allow access to a system without requiring
the usual security checks. This doesnt necessarily mean its
solely for a hackers benefit. A system administrator may indeed
leave a backdoor into all client PCs that he installs for users just
in case they inadvertently lock themselves out. However, the type of
backdoor we are concerned with here is the malicious kind.

Malicious backdoors range
from simple to complex and feature-laden. One of the simpler backdoors
is NetBus, a Trojan (see section 1.5) that allows complete remote
access to any system its installed on. It provides a remote-control
type desktop, much like PCAnywhere or Microsoft Terminal Services, giving
an attacker complete control over a machine as if they were physically
in front of it. NetBus is relatively unsophisticated though, and easy
to detect.

A far more complete backdoor package
is BackOrifice. BackOrifice even provides a configuration screen where
you select the modules you wish to include and the overall configuration
of listener ports, behavior, etc. When youve set your configuration,
BackOrifice builds a custom executable for you to distribute as you
wish.

There are a wide range of modules
available for BackOrifice, including port mappers, remote control, key
capturing and application binding (where your BackOrifice executable
attaches itself to system files like a virus).

Back Doors

A backdoor is a program or deliberate machine configuration designed to allow an unauthorized attacker access to a system without the usual security checks, such as user authentication. Malicious backdoors include the NetBus and BackOrifice programs.

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!